Ulrich Mierendorff a écrit : > mouss wrote: >> Ulrich Mierendorff a écrit : >> >>> Magnus Bäck wrote: >>> >>>> On Sunday, June 07, 2009 at 17:02 CEST, >>>> Ulrich Mierendorff <ulrich.mierendo...@gmx.net> wrote: >>>> >>>> >>>> >>>>> My current configuration looks like this one: >>>>> ... >>>>> myhostname = example.com >>>>> myorigin = /etc/mailname >>>>> mydomain = example.com >>>>> mydestination = $mydomain, localhost >>>>> >>>> Is this server B? If so, why does it think it's the final destination >>>> for example.com when that's server A's assignment >>>> >>> Yes it's server B.. So should I write >>> mydestination = >>> ? >>> The log file then says something like >>> >>> Jun 7 1:2:3 example postfix/smtp[123]: 456: to=<u...@example.com>, >>> relay=mx0.example.com[ipA]:25, [...], status=bounced (host >>> mx0.example.com[ipA] refused to talk to me: 550 Forged HELO: you are not >>> example.com) >>> >>> I think this is not a problem of server B's postfix configuration, or am >>> I wrong? By the way: I do not have access to the configuration of >>> server A. >>> >>> >> >> Then change the hostname of server B. why do you set >> myhostname = example.com >> >> try with something like >> >> myhostname = joe.example.com >> >> where joe.example.com resolves in DNS. Ideally it should resolve to the >> public IP of server B. >> > Well, example.com is the domain for serverB. > DNS configuration is like this > example.com > A-record -> IP of server B > MX-record -> IP of server A > > Reverse DNS for IP of server B -> example.com
we don't really care for the reverse dns here. we are about getting a hostname that is accepted. There is no requirement that such a hostname be the reverse dns of any IP at all. > > (IPs are public IPs) > > I do not see, how joe.example.com could solve the problem. it will solve the problem because server A will not reject the mail. but if joe.example.com does not resolve in DNS, then other servers may reject your mail. so use a name that resolves (ideally to the IP of server B). if server B has other names, use one of these (but try to avoid www.example.com, web.example.com, ... etc). otherwise, you'll need to add a name to DNS. PS. if you prefer, you can change the helo without changing the hostname, you can use: smtp_helo_hostname = joe.example.com but you'd better to chaneg myhostname as well. As Magnus said, it is not a very good idea to set this to a "domain name". besides the fact that you need more care to get it working correctly, any spam incidents/accidents may get you blocklisted (many snowshow spammers love such names...) >> >>> I have also googled a bit, but could not find an explanation for this >>> error. >>> >>> >> >> server A has a check_helo_access that rejects inbound mail claiming to >> be from "example.com". This is a common check. but you should get server >> A to whitelist server B (to not perform such a check for server B). >> > I think that will not be possible. > That would however be the right way: server A is misconfigured since it rejects mail from server B, claiming that server B is not "example.com", but DNS shows that server B is. otherwise, change your helo as suggested. if you don't, there is nothing we can do for you, except recommending that you find an external relay...
